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RIQglVED 
eENmFAXCiNTER 

REMARKS AUG 0 1 2006 

The Applicants request reconsideration of the Final Rejection mailed 
May 1,2006, 

Claims 26-31 remain pending. 

Claims 26-27 and 29-30 were rejected under 35 U,S,C. §1 03(a) as being 
unpatentable over Dobbins et a!., U.S. Patent No. 5,485^455 (Dobbins) in view of 
Jain et aL, U.S. Patent No, 6,31 1 ,218 (Jain). The Applicants traverse as follows. 

Independent claims 26 and 29 are respectively directed to a network relaying 
method and apparatus in which a packet containing a packet transmission source 
address is received at an I/O port. The method determines whether a combination of 
the I/O port and the packet transmission source address coincides with a 
combination that has been registered in advance. When the combination coincides 
with the pre-registered combination, the packet is transferred via a second I/O port. 

When» however, it is determined that the combination does not coincide with a 
pre-reglstered combination, a user authentication is requested to the source terminal 
of the received packet. Upon receiving the user authentication information sent from 
the source terminal, the method executes user authentication of the user based on 
the user authentication information. If the user is authenticated, the method registers 
the first I/O port with a correspondence to the packet transmission source address, 
and transfers the packet received at the first I/O port via the second I/O port. 
However, when the user is not authenticated in the executing step, the method does 
not transfer the packet. 
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Apparatus claim 29 is similar in requiring a relay portion which determines a 
transmitting I/O port and which determines whether a combination of the receiving 
I/O port and a packet transmission source address contained in the pacl<et coincides 
with a combination of an I/O port and a transmission source address that have been 
registered in advance. The relay portion transfers the received packet from the 
transmitting I/O port when it is determined that the combination coincides with a pre- 
registered combination. 

However^ the relay portion requests user authentication from the source 
terminal of the received packet when it is determined that the combination does not 
have a coincidence with a pre-registered combination. An authentication portion of 
the apparatus performs user authentication based on user authentication information 
sent from the source terminal in response to the request for user authentication, and 
registers a receiving I/O port with a correspondence to the packet transmission 
source address when user authentication is confirmed. However, when the 
authentication portion does not authenticate the user, the relay portion does not 
transfer the receipt packet. 

That is, the received packet is relayed or transferred when the receive port 
and the transmission source address of the received packet are registered in 
advance, and user authentication is executed when the received port and the 
transmission source address of the received packet are not registered in advance. 
When the user authentication is successful, a received packet is relayed or 
transferred, and a combination of the received port and the transmission source 
address of the received packet are registered. Subsequent relaying or transfemng 

7 



PAGE 1 0/1 6 * RCVD AT 8/112006 4:24:32 PM [Eastern Daylight Time] * S 



08-01-'06 14:26 FROM-Mattingly, Stanger 703-684-1157 T-889 P011/016 F-890 

or received packet from that transmission source address on that port can thus be 
permitted without additional user authentication. 

Turning to the references applied in the rejection, the primary reference to 
Dobbins is cited as disclosing the receipt of a packet containing a source address 
and a destination address, with switching performed according to the coincidence of 
the source address/destination address combination with a pre-stored combination. 
Dobbins discloses that a switch stores combinations of "addresses of the 
transmission terminals, addresses of the received terminals, received port numbers 
of the switch, transmission port numbers of the switch, etc," and the switch 
detenmines the transmission or relaying destination based on the combinations. In 
this manner, the data communication in the connectionless mode originally is treated 
provisionally as a data communication path in the connection oriented mode, and the 
path is subjected to QoS controK Thus. Dobbins does not teach or suggest a 
scheme by which the unauthorized use of an address, tapping of data, or feigning of 
another person can be prevented, or to facilitate the realization of the analysis and 
recovery of erroneous address settings. Further. Dobbins does not perform a 
determination as to the permission or inhibition of relaying a packet based on user 
authentication. Instead, Dobbins merely discards a received packet which does not 
correspond to one of the pre-stored combinations noted above. 

The Applicants previously suggested that Dobbins teaches that a packet is 
transmitted from all ports except for the inbound port when the destination is 
uncertain, to which the Examiner responded that such is an aspect of the prior art to 
Dobbins "[bjecause SFPS uses both the source and destination addresses it does 
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not have the failings of current bridges and routers." in reply, the Applicants note 
Fig. 7C-2 of Dobbins, which shows that a packet received without a registered 
source address-destination address is either treated as a broadcast (i.e., output from 
all ports) or discarded. Thus, although the Applicants' remarks in the prior Office 
Action were somewhat incomplete, it is nevertheless true that Dobbins does not treat 
an incoming packet in the same way as claimed. Specifically, and as also noted by 
the Examiner. Dobbins does not permit a non-broadcasted packet to be transmitted 
to its desired destination at all. 

The claimed invention, of course, treats such a packet by requesting a user 
authentication which, if validated, permits an association to be made between the 
source address and the destination address such that the packet can be delivered to 
the destination address via an appropriate transmitting point. Moreover, the packet 
source address and receive port are registered in combination upon authentication. 
Jain is applied against this feature of the Invention, but Jain clearly teaches that an 
authentication routine is performed every time an end system ES makes a new 
connection on a port. Col. 2, lines 3-5. As set forth in col. 4, lines 19-23, an 
authentication process is called whenever a physical connection is detected on an 
unauthenticated port or whenever any attempt is made to transmit data on an 
unauthenticated port. Notably, the authentication does not consider any relationship 
between the source address and the receive port, or cause a registration thereof 
after authentication. 

Moreover, this teaching is in direct conflict with the teaching of Dobbins, and 
thus represents a teaching away that renders the combination of these two 
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references improper. Dobbins positively teaches that a non-broadcast packet failing 
to contain any source address-destination address combination pre-stored in the 
connection database must be discarded. In addition, the authentication taught by 
Jain is not an authentication that is suggested for the circumstance proposed by 
Dobbins. Instead, as noted above, Jain requires the authentication routine every 
time an end system mal<es a new connection. There is no decision process 
corresponding to that of the claimed invention, wherein a user authentication is 
performed only when the combination of I/O port and source address is not 
registered in advance. More significantlyp the user authentication is taught by Jain to 
be implemented "each time there is any interruption in the physical lini^ with an end 
system connected to a particular network port ... to determine whether an end 
system is newly connected to a port, rebooted, or power cycled at a port." Col. 4, 
lines 49-57. Thus, the person of ordinary skill would not implement Jain's user 
authentication in Dobbins as suggested by the Examiner (that is, in response to 
learning that there is no pre-stored source address-destination address 
combination). 

Said differently, Jain is cited as teaching user authentication, but Jain 
detemnines the permission or inhibition of relaying packet only in accordance with 
information as to whether or not a port is connected and whether or not a port is 
authenticated. Jain does not teach or suggest a scheme that determines, according 
to whether or not a pre-stored combination exists at a received port and a 
transmission source address of a received packet coinciding with a combination of 
the received port and transmission source address registered in advance. 
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Accordingly, a combination of Dobbins and Jain itself does not perform a 
determination as to whether a received port and the transmission source address of 
the received packet coincides with a pre-stored combination via a comparison 
therebetween. Because the comblnatfon of Dobbins and Jain does not perform both 
the comparison and the determination as to the coincidence, necessarily the 
combination does not implement a user authentication based on the failure of such 
comparison or determination, and certainly does not determine the permission or 
inhibition of relaying the received packet based on such a comparison or 
determination. 

The Applicants note that they do not claim to be first to employ user 
authentication in packet transmission. Even though Jain is not properly motivated for 
combination with Dobbins, and even though any such combination is different from 
the invention as claimed, the Applicants do indeed recognize that many types of user 
authentication are known to the art. The Applicants urge the Examiner to consider 
the entire combination invention recited in the claims, and not merely to pick and 
choose seemingly similar teachings in the various references as a means of 
asserting that the Invention was known. 

The Applicants wish to further comment on the Examiner's remark on page 7 
of the Office Action that the argument that Jain fails to disclose any correspondence 
between an I/O port and the source network address is irrelevant because "one 
cannot show nonobviousness by attacking references individual where the rejections 
are based on combinations of references." This is well-settled law, of course, of 
which the Applicants are well aware. It is axiomatic, however, that if neither 
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reference teaches this feature of the invention, then necessarily the combination fails 
to teach this feature. In addition, because Jain falls to disclose such a 
correspondence, the innplementation of Jain's authentication scheme is only 
apparent to the person of ordinary skill in the situation disclosed or suggested by 
Jain (that is, when an end system is newly connected to a port, rebooted, or power 
cycled at the port). Thus, it is entirely appropriate to show nonobviousness by 
demonstrating Jain's failure to disclose any correspondence between an I/O port that 
has received a pacl<et and a source network address identified in the packet, as set 
forth in the claims. 

Claims 28 and 31 were rejected under 35 U.S.C. §103(a) as being 
unpatentable over Dobbins in view of Jain and Townsend et al., U.S. Patent 
No. 5,661,719 (Townsend), Townsend is applied as teaching a transmission source 
address that includes both an IP and MAC address. Townsend is not applied as 
disclosing the features missing from Dobbins and Jain as outlined above, and thus 
even in combination with Dobbins and Jain, fails to render obvious the claimed 
invention. 

In view of the foregoing amendments and remarks, Applicants request 
reconsideration of the rejection and allowance of the claims. 

To the extent necessary, Applicants petition for an extension of time under 37 
CFR 1.136. Please charge any shortage in fees due in connection with the filing of 
this paper, including extension of time fees, or credit any overpayment of fees, to the 
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deposit account of Mattingly, Stanger & Malur, P.C, Deposit Account No. 50-1417 
(referencing attorney docket no. ASA-838). 

Respectfully submitted, 

MATTINGLY, STANG£R. MALUR & BRUNDIDGE. P.C. 




D/nFel J. Sta^^r 
Regi3tration4slo. 32.846 



DJS/sdb 
(703) 684-1120 
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